<?php
if(!defined('BASEPATH'))
    exit('No direct script access allowed');

/*
 * Site Sentry security library for Code Igniter applications
 * Author: James Nicol, Glossopteris Web Designs & Development, www.glossopteris.com, April 2006
 *
 *
 */

class Site_sentry {

    function Site_sentry() {
        $this -> obj = &get_instance();
    }

    function is_logged_in() {

        if($this -> obj -> session) {

            //If user has valid session, and such is logged in
            if($this -> obj -> session -> userdata('logged_in')) {
                return TRUE;

            } else {
                return FALSE;
            }
        } else {
            return FALSE;
        }
    }

    function login_routine($user='',$pass='') {
    	
        //Initialise the Encryption Library
    	$CI=$this->obj;
		$CI->load->library('encrypt');
		$logged_in=false;
		
		//check if user is existed and enabled
		$CI->db->select('*,role.name as role_name,role.id as role_id,login.id as login_id');
		$CI->db->from('login');
		$CI->db->join('role', 'role.id = login.role_id');
		//$CI->db->join('staff', 'staff.login_id = login.id');
		$CI->db->where("login.username",$user);
		$CI->db->where("login.password",$pass);
		
		
		$query=$CI->db->get();

		$row=$query->num_rows();
		
	 	//identify if user is admin or staff
		if($row>0)
		{
			foreach($query->result() as $rs) {
			//for admin
			if($rs->role_name==$CI->config->item('admin'))
			{
				
				$logged_in=true;
				$data_session["login_id"]=$rs->login_id;	
				$data_session["role_name"]=$rs->role_name;
                $data_session["roleid"]=$rs->role_id;
				$data_session["logged_in"]=true;	
			  $CI->session->set_userdata($data_session);	
			}//for staff
			elseif($rs->role_name==$CI->config->item('staff'))
			{
				
				$CI->db->select('*,role.name as role_name,role.id as role_id,login.id as login_id
				,staff.name as staff_name,staff.dob as staff_dob,staff.email as staff_email,department.id as department_id');
				$CI->db->from('staff');
				$CI->db->join('login', 'staff.login_id = login.id');
				$CI->db->join('role', 'role.id = login.role_id');
				$CI->db->join('department', 'staff.department_id = department.id');
				$CI->db->where("staff.login_id",$rs->login_id);
				
				
				$queryz=$CI->db->get();
		
				$rowz=$queryz->num_rows();
				if($rowz>0)
				{
					
					foreach($queryz->result() as $rss)
					{
							$staff_id=$rss->staff_id;
							$staff_name=$rss->staff_name;	
							$staff_dob=$rss->staff_dob;
							$role_name=$rss->role_name;
							$role_id=$rss->role_id;
							$staff_email=$rss->staff_email;
							$department_id=$rss->department_id;
					
					}
	
						$logged_in=true;
						$data_session["staff_id"]=$staff_id;		
						$data_session["staff_name"]=$staff_name;
						$data_session["staff_dob"]=$staff_dob;
						$data_session["role_name"]=$role_name;
		                $data_session["roleid"]=$role_id;
						$data_session["staff_email"]=$staff_email;
						$data_session["department_id"]=$department_id;
						$data_session["logged_in"]=true;
							
						$CI->session->set_userdata($data_session);
					}
				
				
				/*$CI->db->select('*');
				$CI->db->from('staff');
				$CI->db->where("staff.login_id",$rs->login_id);
				
				
				$queryz=$CI->db->get();
		
				$rowz=$queryz->num_rows();
		
				if($rowz>0)
				{
					foreach($queryz->result() as $rss)
					{
						$logged_in=true;
					$data_session["staff_id"]=$rss->staff_id;		
					$data_session["staff_name"]=$rss->staff_name;	
					$data_session["staff_dob"]=$rss->staff_dob;
					$data_session["role_name"]=$rss->role_name;
	                $data_session["roleid"]=$rss->role_id;
					$data_session["staff_email"]=$rss->staff_email;
					$data_session["logged_in"]=true;
						
					$CI->session->set_userdata($data_session);
					}
				}
				*/
			}
			else
			{
				//user is not existed or enabled		
			}
			
				
			}	
			
			
			
    	}
		   
		return $logged_in;

	}
}
?>